Watching the men’s gold medal hockey game on the final day of the 2014 Olympics, I’m in awe at the quality of play. Hockey is still one of the classic Winter Olympic games, but it has certainly evolved over the past 90 years – faster skating, better stickhandling and harder slap shots – enabled by a continual innovation in equipment and new technology that helps to refine and measure a player’s performance. Of course, one thing that hasn’t changed is the athlete’s unwavering desire to beat the competition.
In our world, beating the competition means staying one step ahead of the hackers that threaten everyone’s livelihoods. For 25 years, our team of threat defense experts has been focused on one mission: making a world safe for exchanging digital information. This means protecting individuals and organizations from the full range of attacks that threaten the safety of their sensitive information – from data leaks to the most sophisticated targeted attacks.
Just like the athletes, we’ve needed to continually evolve our capabilities to compete. Clearly, traditional defenses on their own just don’t cut it anymore, so we’ve delivered complementary, next-generation threat defense techniques to better protect our customers.
With a solid foundation in signature-based scanning approaches (like anti-malware), we’ve added application-specific protection (like application control, behavioral monitoring and vulnerability protection), and more recently, fully context-aware techniques (like sandboxing and investigation using indicators of compromise).
A blend of these capabilities – unified by centralized visibility and control, and fueled by cloud-based global threat intelligence – is delivered as part of the Trend Micro Smart Protection Platform.
In response to the evolving threat landscape and increasingly complex IT environments, this platform delivers:
|
|
1. Smart protection for information
So what does “smart” protection really mean?
To us, smart protection must enable a full lifecycle of adaptive threat defense – enabling organizations to prevent, detect, analyze and respond to the full range of today’s threats. Smart protection must also be layered across the endpoints, servers and network, while delivering an interconnected threat defense across the organization.
Prevent: The first step in any protection strategy for an organization is to assess potential vulnerabilities across their environment, and then proactively protect endpoints, servers and applications accordingly. The Smart Protection Platform delivers capabilities such as anti-malware, intrusion prevention, application control, web and email security, data loss prevention, and encryption – essential capabilities that help protect against a massive volume of known and anticipated threats before they impact the organization.
Detect: While proactive protection is essential, there will undoubtedly be advanced threats that ‘sneak through’. The Smart Protection Platform delivers capabilities to detect advanced malware, as well as behavior and communications that may be invisible to standard defenses. Capabilities include network-wide threat detection, command and control (C&C) communications alerting, custom sandboxing and application scanning to help confirm the presence of and nature of the threats.
Analyze: To understand how best to remediate and respond to threats, customers must first fully understand the nature, extent and impact of the attack. In addition to alerting and reporting to guide analysis, the Smart Protection Platform includes the ability to interactively explore correlated threat intelligence, and (coming soon) perform endpoint and server forensics using indicators of compromise.
Respond: Finally, customers must be able to respond to threats, adapting their protection against future attacks. The Smart Protection Platform includes automated security updates through its cloud-based global threat intelligence, with reporting that helps customers prioritize areas for remediation. Centralized policy creation can help customers adapt their security posture and improve their overall protection.
The Smart Protection Platform includes capabilities that deliver security across endpoints, servers and the network. Each layer is interconnected, effectively ‘talking’ to the others. If an attack or compromise is detected at the network layer, for example, all other layers need to be immediately aware of this new threat in order to have comprehensive protection.
We think that’s pretty smart.
2. Simple yet flexible to deploy and manage
In an IT-constrained environment that is more complex than ever, a smart protection strategy requires solutions that are simple yet flexible to deploy and manage. The Smart Protection Platform delivers three solutions that are packaged to address the most pressing challenges facing our customers:
|
|
Whether customers deploy one or all three solutions, the Smart Protection Platform provides centralized visibility and control of security status across multiple layers to simplify administration and speed time to response.
The platform also offers flexible deployment to best suit the customer needs – with on-premise or “as a service” cloud-based offerings of key capabilities.
Simple and flexible.
3. Security that fits an evolving ecosystem
The consumerization of IT and rapid adoption of emerging technologies for virtualization and cloud have made it more difficult to ‘fit’ security into such complex environments.
Importantly, the Smart Protection Platform delivers security across physical, virtual and cloud environments. And not only has it been designed to fit with the myriad of evolving applications and platforms, it delivers threat insight to leading SIEMs (Security Information and Event Management), and delivers optimized security for Microsoft Exchange, VMware, Amazon Web Services cloud environments and more.
It just has to fit.
With the flame barely extinguished on this Olympic games, I imagine the athletes are already thinking about the next four years and what it will take to beat the competition. Like the athletes, our threat defense experts remain committed to their objective – to make a world safe for exchanging digital information.
